无线局域网中的安全策略分析与改进
|
摘要
无线通信和Internet技术的迅速发展给人们的生活方式和生活质量带来了巨大的变化,越来越多的用户希望在移动过程中高速接入Internet,无线局域网具有灵活的移动能力和足够高的传输速率,是当代无线通信的重要技术之一,随着应用的不断广泛,其安全问题也越来越突出,己成为一个研究热点。无线局域网中的数据通过高频无线电波传输,极易遭到窃听,而且在无线局域网环境中,有线网络的物理访问控制手段难以适用。为了不让安全问题成为制约无线局域网市场发展的瓶颈,1997年6月公布的IEEE 802.11中使用了WEP协议作为其加密机制,其目标是为WLAN提供与有线网络相同级别的安全保护,其中利用RC4算法作为其核心加密算法,同时用CRC提供校验,并且提供了两种认证方式,2001年5月802.11工作组领导成立了802.11i任务组,改由其专门负责制定WLAN的安全标准,IEEE 802.11i标准于2004年6月正式颁布,它从身份认证和数据保密等方面进行设计,包括了TKIP协议、CCMP协议、802.1x协议等,另外,2003年5月,我国提出了无线局域网国家标准GB15629.11,引入了全新的安全机制——无线局域网鉴别和保密基础结构WAPI。
本论文首先研究了无线局域网已有的安全标准的工作原理,包括了IEEE 802.11中的安全机制、IEEE 802.11i标准以及WAPI标准,分别从身份认证、数据加密和数据完整性三个方面对每个标准进行了介绍。通过安全分析,我们说明了在其设计中存在的一系列缺陷,以及由此可能导致的一些攻击方式,尤其对身份认证协议进行了更详细的安全漏洞分析,然后针对这些安全漏洞,本文提出了一种新的认证协议——增强安全的无线认证协议EAP-WAPoES。该协议实行了双向身份认证,并且对AP进行认证,防止了假冒AP攻击,同时还进行安全的密钥协商和密钥确认,第三方无法获知加密密钥,另外,对用户的身份信息也进行了充分的保护,但是协议对STA、AP和AS三方的计算能力都有一定的要求,尤其是在AP和AS端需要进行多次的加密、解密、签名以及解签名运算,所以协议执行的整体效率还有待改进。另外,本文简单地研究了EAP-WAPoES协议的实现框架,分别给出了认证者模块和客户端模块的实现框架。
Rapid development of wireless communication and internet technique brings enormous changes to the people’s life style and life quality. More and more consumers hope to access internet with high speed when moving. WLAN has agile ability of moving and its speed of transmission is high enough, so it becomes one of the important techniques in wireless communication of the time. As it is applied constantly abroad, the security problems of WLAN become more and more extrusive and have already turned into a research hotspot. The data in WLAN are transmitted by radio wave of high frequency, so they are easy to suffer wiretapping, and furthermore it is hard to use the physical access control means of wired network in the environment of WLAN. In order to make the security problems not to become the bottleneck of restricting the development of WLAN markets, the IEEE 802.11 promulgated in June of 1997 uses WEP protocol as its encryption mechanism. The aim of WEP is to provide security protection of same level with wired network for WLAN. WEP uses RC4 arithmetic as its kernel encryption arithmetic, and meanwhile it uses CRC to provide checkout. Furthermore WEP provides two kinds of authentication manners. In May of 2001 leaders of 802.11 workgroup established 802.11i task group with the special responsibility of constituting security standard of WLAN. IEEE 802.11i standard was formally promulgated in June of 2004. It is designed with aspects of identity authentication, data encryption and so on, and it includes TKIP protocol, CCMP protocol, 802.1x protocol and so on. In addition, our country put forward WLAN national standard GB15629.11 in May of 2003, introducing completely new security mechanism——WLAN Authentication and Privacy Infrastructure(WAPI).
First this dissertation studies the work principium of existent WLAN security standard, including the security mechanism in IEEE 802.11, IEEE 802.11i standard and WAPI standard. We respectively introduce every standard from three aspects such as identity authentication, data encryption and data integrality. According to the security analysis, we explain a series of lacunas existing in the design, and some attack manners which can be possibly aroused by the lacunas. We especially make more detailed analysis of security leak in identity authentication protocol. And then contraposing these security leaks, this dissertation puts forward a kind of new authentication protocol——Wireless Authentication Protocol of Enhanced Security(WAPoES). This protocol carries out identity authentication of double direction, and authenticates AP preventing attack of counterfeiting AP. Meanwhile this protocol carries out secure key negotiation and key affirmance, and the third party can’t get the encryption key. In addition this protocol fully protects the identity information of the consumer. But this protocol needs STA, AP, AS to have necessary ability of calculation. Especially AP and AS need to run calculation of encrypting, deciphering, signing and validating signature for several times. So the holistic efficiency of executing this protocol waits to be improved. In addition this dissertation simply studies the implementation framework of EAP-WAPoES protocol. We respectively present the implementation framework of authenticator module and client module.
本论文首先研究了无线局域网已有的安全标准的工作原理,包括了IEEE 802.11中的安全机制、IEEE 802.11i标准以及WAPI标准,分别从身份认证、数据加密和数据完整性三个方面对每个标准进行了介绍。通过安全分析,我们说明了在其设计中存在的一系列缺陷,以及由此可能导致的一些攻击方式,尤其对身份认证协议进行了更详细的安全漏洞分析,然后针对这些安全漏洞,本文提出了一种新的认证协议——增强安全的无线认证协议EAP-WAPoES。该协议实行了双向身份认证,并且对AP进行认证,防止了假冒AP攻击,同时还进行安全的密钥协商和密钥确认,第三方无法获知加密密钥,另外,对用户的身份信息也进行了充分的保护,但是协议对STA、AP和AS三方的计算能力都有一定的要求,尤其是在AP和AS端需要进行多次的加密、解密、签名以及解签名运算,所以协议执行的整体效率还有待改进。另外,本文简单地研究了EAP-WAPoES协议的实现框架,分别给出了认证者模块和客户端模块的实现框架。
Rapid development of wireless communication and internet technique brings enormous changes to the people’s life style and life quality. More and more consumers hope to access internet with high speed when moving. WLAN has agile ability of moving and its speed of transmission is high enough, so it becomes one of the important techniques in wireless communication of the time. As it is applied constantly abroad, the security problems of WLAN become more and more extrusive and have already turned into a research hotspot. The data in WLAN are transmitted by radio wave of high frequency, so they are easy to suffer wiretapping, and furthermore it is hard to use the physical access control means of wired network in the environment of WLAN. In order to make the security problems not to become the bottleneck of restricting the development of WLAN markets, the IEEE 802.11 promulgated in June of 1997 uses WEP protocol as its encryption mechanism. The aim of WEP is to provide security protection of same level with wired network for WLAN. WEP uses RC4 arithmetic as its kernel encryption arithmetic, and meanwhile it uses CRC to provide checkout. Furthermore WEP provides two kinds of authentication manners. In May of 2001 leaders of 802.11 workgroup established 802.11i task group with the special responsibility of constituting security standard of WLAN. IEEE 802.11i standard was formally promulgated in June of 2004. It is designed with aspects of identity authentication, data encryption and so on, and it includes TKIP protocol, CCMP protocol, 802.1x protocol and so on. In addition, our country put forward WLAN national standard GB15629.11 in May of 2003, introducing completely new security mechanism——WLAN Authentication and Privacy Infrastructure(WAPI).
First this dissertation studies the work principium of existent WLAN security standard, including the security mechanism in IEEE 802.11, IEEE 802.11i standard and WAPI standard. We respectively introduce every standard from three aspects such as identity authentication, data encryption and data integrality. According to the security analysis, we explain a series of lacunas existing in the design, and some attack manners which can be possibly aroused by the lacunas. We especially make more detailed analysis of security leak in identity authentication protocol. And then contraposing these security leaks, this dissertation puts forward a kind of new authentication protocol——Wireless Authentication Protocol of Enhanced Security(WAPoES). This protocol carries out identity authentication of double direction, and authenticates AP preventing attack of counterfeiting AP. Meanwhile this protocol carries out secure key negotiation and key affirmance, and the third party can’t get the encryption key. In addition this protocol fully protects the identity information of the consumer. But this protocol needs STA, AP, AS to have necessary ability of calculation. Especially AP and AS need to run calculation of encrypting, deciphering, signing and validating signature for several times. So the holistic efficiency of executing this protocol waits to be improved. In addition this dissertation simply studies the implementation framework of EAP-WAPoES protocol. We respectively present the implementation framework of authenticator module and client module.
引文
[1] Evolution of WLAN Security. http://www.mtghouse.com/MDC_Evolving_Standards.pdf.
[2] 王东. 无线局域网的安全策略. 通信管理与技术. 2004 年第 5 期.
[3] IEEE Standards Board. 802 part 11:Wireless LAN Medium Access Control(MAC) and Physical Layer(PHY) specifications. IEEE Standard 802.11, 1999.
[4] Cisco. A Comprehensive Review of 802.11 Wireless LAN Security and the Cisco Wireless Security Suite.
[5] Arunesh Mishre, Willian A.Arbangh. An Initial Security Analysis of the IEEE802.1x Standard. http://www.prism.gatech.edu/gte369k/csc/802_1x.pdf.
[6] IEEE Standard for Local and Metropolitan Network—Port Based Network Access Control. IEEE Std 802.1x-2001.
[7] Jim Celer. 无线局域网. 北京邮电出版社 2001.
[8] Fluhrer, S., I. Mantin, and A. Shamir. Weaknesses in the key schedule algorithm of RC4. in Proc. 4th Annual Workshop on Selected Areas of Cryptography, 2001, pp. 3 ~ 25.
[9] Adam Stubblefield, John Ioannidis, Aviel D. Rubin. Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. August 21, 2001.
[10] IEEE P802.11i D3.0, Specification for Enhanced Security. http://www.cs.umd.edu /~mhshin/doc/802.11/802.11i-D3.0.pdf, November 2002.
[11] 吴瑜. 无线局域网安全与 PKI 安全体系[D]. 北京:北京邮电大学, 2005, 3, 10.
[12] 2003 VOCAL Technologies Datasheet: CCMP, http://www.vocal.com/CCMP.pdf.
[13] IEEE Standard 802.11i: Wireless Medium Access Control(MAC) and physical layer(PHY) specifications: Medium Access Control(MAC) Security Enhancements, Jun, 2004.
[14] 曹秀英等. 无线局域网安全系统. 电子工业出版社. 2004, 3.
[15] C.Rigney, W.Willats, P.Calhoun. RADIUS Extensions, RFC2869, 2000, (9): 109~118.
[16] Song Yubo, Hu Aiqun. The authentication in public WLAN when access controller deployed. Neural Networks and Signal Processing, 2003.
[17] 802.1x Port Access Control for WLANs. http://www.wi-fiplanet.com/tutorials/ article.php/3073201.
[18] 陶晓明,孙树峰. 无线安全协议 802.1x 的认证研究. 现代电子技术. 2004 年 13 期.
[19] Ding PQ, Holliday JN, Celik A. Improving the security of wireless LANs by managing 802.1x disassociation. Consumer Communications and Networking Conference, 2004.
[20] 李林,李晖等. 基于 802.1x 技术的无线局域网安全性研究. 电子科技. 2004 年第 7 期.
[21] 李波,雷维礼. IEEE 802.11i 标准与 WLAN 的安全性. 通信与信息技术. 2004 年 04 期.
[22] ITU-T Recommendation X.509 (1997)ISO/IEC 9594-8: 1997. Information Technology - Open Systems Interconnection - The Directory: Authentication Framework.
[23] USECA D09 Intermediate report on a PKI architecture for UMTS, http://www.isrc. rhul.ac.uk/useca/Deliverables/D09.PDF.
[24] B.Aboba, D.Simon, PPP EAP TLS Authentication Protocol, RFC2716, October 1999.
[25] Tim Moore, "suggested Changes to Rbust Security Network (RSN) for IEEE802.11", doc.:IEEE802.11-02/298r4, September 2002.
[26] Jesse Walker, Clint Chaplin, Tim Moore, etal, "Proposed TGi D1.8 Clause 8 Editing Changes", doc.:IEEE802.11-02/178r0, March 2002.
[27] Bernard Aboba, "IEEE802.1X Pre-Authentication", doc.:IEEE802.11-02/389r0, June 17, 2002.
[28] Arunesh Mishra, William A. Arbaugh, "An Initail Security Analysis of the IEEE802.1X Standard", February 2000.
[29] GB15629.11-2003《信息技术系统间远程通信和信息交换局域网和城域网特定要求第 11部分:无线局域网媒体访问(MAC)和物理(PHY)层规范》.
[30] 曹秀英,耿嘉,沈平等编著. 无线局域网安全系统. 北京:电子工业出版社, 2004.
[31] 徐朴,卢平平,江溯. 无线局域网 HiperLan/2 标准综述. 中兴通讯技术, 2001, 5 (8).
[32] 韩玮. 无线局域网安全技术研究:[硕士论文]. 西安:西安电子科技大学, 2003.
[33] B.Song, K.Kim.Two-pass authenticated key agreement protocol with key confirmation. Progress in Cryptology-INDOCRYPT 2000, LNCS 1977. Springer-Verlag, 2000. pp. 237~249.
[2] 王东. 无线局域网的安全策略. 通信管理与技术. 2004 年第 5 期.
[3] IEEE Standards Board. 802 part 11:Wireless LAN Medium Access Control(MAC) and Physical Layer(PHY) specifications. IEEE Standard 802.11, 1999.
[4] Cisco. A Comprehensive Review of 802.11 Wireless LAN Security and the Cisco Wireless Security Suite.
[5] Arunesh Mishre, Willian A.Arbangh. An Initial Security Analysis of the IEEE802.1x Standard. http://www.prism.gatech.edu/gte369k/csc/802_1x.pdf.
[6] IEEE Standard for Local and Metropolitan Network—Port Based Network Access Control. IEEE Std 802.1x-2001.
[7] Jim Celer. 无线局域网. 北京邮电出版社 2001.
[8] Fluhrer, S., I. Mantin, and A. Shamir. Weaknesses in the key schedule algorithm of RC4. in Proc. 4th Annual Workshop on Selected Areas of Cryptography, 2001, pp. 3 ~ 25.
[9] Adam Stubblefield, John Ioannidis, Aviel D. Rubin. Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. August 21, 2001.
[10] IEEE P802.11i D3.0, Specification for Enhanced Security. http://www.cs.umd.edu /~mhshin/doc/802.11/802.11i-D3.0.pdf, November 2002.
[11] 吴瑜. 无线局域网安全与 PKI 安全体系[D]. 北京:北京邮电大学, 2005, 3, 10.
[12] 2003 VOCAL Technologies Datasheet: CCMP, http://www.vocal.com/CCMP.pdf.
[13] IEEE Standard 802.11i: Wireless Medium Access Control(MAC) and physical layer(PHY) specifications: Medium Access Control(MAC) Security Enhancements, Jun, 2004.
[14] 曹秀英等. 无线局域网安全系统. 电子工业出版社. 2004, 3.
[15] C.Rigney, W.Willats, P.Calhoun. RADIUS Extensions, RFC2869, 2000, (9): 109~118.
[16] Song Yubo, Hu Aiqun. The authentication in public WLAN when access controller deployed. Neural Networks and Signal Processing, 2003.
[17] 802.1x Port Access Control for WLANs. http://www.wi-fiplanet.com/tutorials/ article.php/3073201.
[18] 陶晓明,孙树峰. 无线安全协议 802.1x 的认证研究. 现代电子技术. 2004 年 13 期.
[19] Ding PQ, Holliday JN, Celik A. Improving the security of wireless LANs by managing 802.1x disassociation. Consumer Communications and Networking Conference, 2004.
[20] 李林,李晖等. 基于 802.1x 技术的无线局域网安全性研究. 电子科技. 2004 年第 7 期.
[21] 李波,雷维礼. IEEE 802.11i 标准与 WLAN 的安全性. 通信与信息技术. 2004 年 04 期.
[22] ITU-T Recommendation X.509 (1997)ISO/IEC 9594-8: 1997. Information Technology - Open Systems Interconnection - The Directory: Authentication Framework.
[23] USECA D09 Intermediate report on a PKI architecture for UMTS, http://www.isrc. rhul.ac.uk/useca/Deliverables/D09.PDF.
[24] B.Aboba, D.Simon, PPP EAP TLS Authentication Protocol, RFC2716, October 1999.
[25] Tim Moore, "suggested Changes to Rbust Security Network (RSN) for IEEE802.11", doc.:IEEE802.11-02/298r4, September 2002.
[26] Jesse Walker, Clint Chaplin, Tim Moore, etal, "Proposed TGi D1.8 Clause 8 Editing Changes", doc.:IEEE802.11-02/178r0, March 2002.
[27] Bernard Aboba, "IEEE802.1X Pre-Authentication", doc.:IEEE802.11-02/389r0, June 17, 2002.
[28] Arunesh Mishra, William A. Arbaugh, "An Initail Security Analysis of the IEEE802.1X Standard", February 2000.
[29] GB15629.11-2003《信息技术系统间远程通信和信息交换局域网和城域网特定要求第 11部分:无线局域网媒体访问(MAC)和物理(PHY)层规范》.
[30] 曹秀英,耿嘉,沈平等编著. 无线局域网安全系统. 北京:电子工业出版社, 2004.
[31] 徐朴,卢平平,江溯. 无线局域网 HiperLan/2 标准综述. 中兴通讯技术, 2001, 5 (8).
[32] 韩玮. 无线局域网安全技术研究:[硕士论文]. 西安:西安电子科技大学, 2003.
[33] B.Song, K.Kim.Two-pass authenticated key agreement protocol with key confirmation. Progress in Cryptology-INDOCRYPT 2000, LNCS 1977. Springer-Verlag, 2000. pp. 237~249.